raccoon | ec642b740a50f40817b916be127f134645b403ddb31c014bd1e85b4ce785d9a7 | Triage

Sharing

General

Target

hbtwo_20220310-180244
Size

628KB
Sample

220310-v42xlscefn
MD5

cf3a653adff65b3aafc3b0a10e360cbe
SHA1

ae8fc3b9943df6c056ee71c648dfd0baf94daa40
SHA256

ec642b740a50f40817b916be127f134645b403ddb31c014bd1e85b4ce785d9a7
SHA512

f5633e8f188f6cf4fe93d71668723834d4e11b9365acfeb827de54a078fddc96b47dde970c13e489bd88feda32dcd39363c0bbbc346b09a9c4ab8940ed9323b1

Score

10^/10

raccoon 1c0fad6805a0f65d7b597130eb9f089ffbe9857d stealer suricata

Malware Config

Extracted

Family

raccoon

Botnet

1c0fad6805a0f65d7b597130eb9f089ffbe9857d

Attributes

url4cnc
http://194.180.191.241/capibar
http://103.155.93.35/capibar
https://t.me/capibar

rc4.plain

rc4.plain

Targets

- Target
  
  hbtwo_20220310-180244
- Size
  
  628KB
- MD5
  
  cf3a653adff65b3aafc3b0a10e360cbe
- SHA1
  
  ae8fc3b9943df6c056ee71c648dfd0baf94daa40
- SHA256
  
  ec642b740a50f40817b916be127f134645b403ddb31c014bd1e85b4ce785d9a7
- SHA512
  
  f5633e8f188f6cf4fe93d71668723834d4e11b9365acfeb827de54a078fddc96b47dde970c13e489bd88feda32dcd39363c0bbbc346b09a9c4ab8940ed9323b1
Score

10^/10

raccoon 1c0fad6805a0f65d7b597130eb9f089ffbe9857d stealer suricata
- Raccoon
  Simple but powerful infostealer which was very active in 2019.
  stealer raccoon
- suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
  suricata: ET MALWARE Win32.Raccoon Stealer - Telegram Mirror Checkin (generic)
  suricata
- suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
  suricata: ET MALWARE Win32.Raccoon Stealer Checkin M6
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

raccoon1c0fad6805a0f65d7b597130eb9f089ffbe9857dstealer

behavioral2

raccoon1c0fad6805a0f65d7b597130eb9f089ffbe9857dstealersuricata